Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FHH0wMngPfw2r-tveyCeAL66EzQ.roa
File: FHH0wMngPfw2r-tveyCeAL66EzQ.roa (raw, json)
Hash identifier: TBEZ/8VjM0a/BEFmkeUf8/VN4zY3b2bcjxTap6xFq4Q=
Subject key identifier: 14:71:F4:C0:C9:E0:3D:FC:36:AF:EB:6F:7B:20:9E:00:BE:BA:13:34
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019127A75C085006025F8593A9D111E8DD60
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FHH0wMngPfw2r-tveyCeAL66EzQ.roa
Signing time: Tue 06 Aug 2024 12:26:04 +0000
ROA not before: Tue 06 Aug 2024 12:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54252
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.123.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:a7:5c:08:50:06:02:5f:85:93:a9:d1:11:e8:dd:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 6 12:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1471f4c0c9e03dfc36afeb6f7b209e00beba1334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f4:f3:af:07:0a:72:d5:df:9a:8a:67:9b:f0:
29:f5:13:01:3f:32:d6:ba:ff:5b:36:81:71:48:74:
7f:f7:3b:d5:6e:50:e6:f4:b3:c1:a1:b0:fc:99:9c:
4e:f8:e6:bd:d6:3c:45:bd:a3:f0:0b:37:53:5c:fd:
e7:bd:7b:64:4f:5c:95:08:8c:8e:2c:37:a7:90:69:
0a:8a:7b:e5:04:8f:d4:a8:e9:fa:5e:f1:59:52:91:
b1:59:0e:87:9f:6d:6b:b9:5c:00:5b:60:64:77:d6:
f6:2d:e0:36:22:9d:41:99:cd:93:cd:42:8d:bb:b9:
06:51:25:48:cf:5b:f9:c9:44:3d:6f:71:9e:67:0e:
c7:2e:d9:2f:1a:78:ea:2d:aa:ed:a1:fc:f1:8c:56:
80:a9:18:b4:b5:af:95:4c:fd:aa:0f:3c:b0:2a:de:
8b:30:5e:28:7d:b0:84:c1:38:7f:f0:89:00:bf:ad:
99:6d:fd:59:b7:2d:67:09:4d:ac:1a:3b:c6:c7:3d:
96:8f:93:8d:86:bc:70:76:ce:6d:16:99:d6:fa:83:
1b:38:9b:2e:62:12:90:f9:93:35:55:91:e2:4e:ef:
d4:11:95:db:5a:ce:92:dd:e0:74:37:fe:d5:a9:7a:
00:24:e3:48:2f:67:92:a2:73:b9:fe:e0:23:91:d1:
19:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:71:F4:C0:C9:E0:3D:FC:36:AF:EB:6F:7B:20:9E:00:BE:BA:13:34
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FHH0wMngPfw2r-tveyCeAL66EzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.123.0/24
163.5.199.0/24
163.5.216.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:79:da:13:54:1b:f6:c2:26:f1:92:12:05:5b:9b:ef:b8:cb:
78:d8:06:0e:4f:ac:5b:a5:c7:3b:f5:11:38:9b:48:15:fe:73:
b6:9c:44:14:19:f6:a2:02:c3:fb:01:3d:b9:ae:8f:01:50:7c:
1c:04:10:28:c3:ac:bd:4a:96:35:be:f3:18:15:2c:10:61:5d:
c3:20:a2:b0:cf:60:5e:0d:36:6b:d1:7a:4d:46:fa:ed:df:46:
d1:e7:1f:2e:6a:73:4d:5e:83:1b:c6:8b:7a:1d:f8:f2:96:0d:
aa:50:5d:d8:98:78:ef:c7:05:38:4d:61:08:3b:67:88:f2:dc:
1f:43:70:3a:95:d2:6a:f6:28:c9:f7:4f:6e:b2:ab:af:25:89:
fd:6b:a1:93:9d:b3:d9:e7:1b:6e:27:ea:c4:85:70:e8:5b:1d:
6b:77:04:64:13:ce:05:e4:e5:b3:e4:0a:74:f7:8f:1f:f8:8f:
a5:b9:77:f3:df:82:39:60:93:5e:82:9d:f9:e9:a8:39:6a:c5:
3c:45:5c:b4:4e:c3:41:0a:9c:c9:a9:e1:61:6c:34:8a:d0:fe:
b8:05:08:ea:88:78:89:9c:8e:71:19:89:59:65:33:0e:3c:90:
e6:69:de:0f:4b:9c:a5:cc:38:af:6f:97:a0:ec:07:53:6a:d9:
e6:e9:82:bf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEnp1wIUAYCX4WTqdER6N1gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwODA2MTIyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDcxZjRjMGM5ZTAzZGZjMzZhZmViNmY3YjIwOWUwMGJlYmExMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPTzrwcKctXfmopnm/Ap9RMBPzLW
uv9bNoFxSHR/9zvVblDm9LPBobD8mZxO+Oa91jxFvaPwCzdTXP3nvXtkT1yVCIyO
LDenkGkKinvlBI/UqOn6XvFZUpGxWQ6Hn21ruVwAW2Bkd9b2LeA2Ip1Bmc2TzUKN
u7kGUSVIz1v5yUQ9b3GeZw7HLtkvGnjqLartofzxjFaAqRi0ta+VTP2qDzywKt6L
MF4ofbCEwTh/8IkAv62Zbf1Zty1nCU2sGjvGxz2Wj5ONhrxwds5tFpnW+oMbOJsu
YhKQ+ZM1VZHiTu/UEZXbWs6S3eB0N/7VqXoAJONIL2eSonO5/uAjkdEZTQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBRx9MDJ4D38Nq/rb3sgngC+uhM0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRkhIMHdNbmdQZncyci10dmV5Q2VBTDY2RXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUeAwQA
owV7AwQAowXHAwQAowXYMA0GCSqGSIb3DQEBCwUAA4IBAQAqedoTVBv2wibxkhIF
W5vvuMt42AYOT6xbpcc79RE4m0gV/nO2nEQUGfaiAsP7AT25ro8BUHwcBBAow6y9
SpY1vvMYFSwQYV3DIKKwz2BeDTZr0XpNRvrt30bR5x8uanNNXoMbxot6Hfjylg2q
UF3YmHjvxwU4TWEIO2eI8twfQ3A6ldJq9ijJ909usquvJYn9a6GTnbPZ5xtuJ+rE
hXDoWx1rdwRkE84F5OWz5Ap0948f+I+luXfz34I5YJNegp356ag5asU8RVy0TsNB
CpzJqeFhbDSK0P64BQjqiHiJnI5xGYlZZTMOPJDmad4PS5ylzDivb5eg7AdTatnm
6YK/
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:06:26 2024 by rpki-client on console-ams.rpki-client.org